Blockchain based hardware appliance authentication

ABSTRACT

Hardware appliances with multiple sensors, such as automobiles, can be authenticated on a blockchain based platform using authentication values generated data provided by the hardware appliances, such as sensor data, log data, location data. Requests for service can be managed by the blockchain based platform based on authentication values of the hardware appliances.

PRIORITY

This application claims the benefit of priority to U.S. ProvisionalPatent Application No. 62/764,760, filed Aug. 16, 2018, which isincorporated by reference herein in its entirety.

TECHNICAL FIELD

Embodiments of the present disclosure relate generally to imagemanipulation and, more particularly, but not by way of limitation, tointeractions with hardware appliances, such as vehicles or homeappliances.

BACKGROUND

Hardware appliances, such as cars or laundry machines, are increasinglybecoming “smart” through integration of network-enabled computers intosuch devices. While these smart devices have advanced networkingcapabilities, it can be difficult to authenticate smart devices because,like computers, smart-enabled appliances are susceptible to hacking andfraudulent manipulation by malicious entities, such as malware ormalicious users.

BRIEF DESCRIPTION OF THE DRAWINGS

To easily identify the discussion of any particular element or act, themost significant digit or digits in a reference number refer to thefigure (“FIG.”) number in which that element or act is first introduced.

FIGS. 1A and 1B show example network architectures, according to someexample embodiments.

FIG. 2 shows an example runtime data architecture for a hardwareappliance authentication network architecture, according to some exampleembodiments.

FIG. 3 shows an example blockchain network architecture for interactionsbetween blockchain entities, according to some example embodiments.

FIG. 4A shows an example blockchain runtime architecture, according tosome example embodiments.

FIG. 4B shows an example smart contract finite state machine, accordingto some example embodiments.

FIG. 5 shows a network lane diagram for interactions between differententities, according to some example embodiments.

FIG. 6 shows example functional engines of an interaction system,according to some example embodiments.

FIG. 7 shows a flow diagram for an example method for managing afingerprint access value for a hardware appliance, according to someexample embodiments.

FIG. 8 shows a flow diagram or example method for generating afingerprint permission access value, according to some exampleembodiments.

FIG. 9 shows a flow diagram of an example method for managing a vehiclerequest using fingerprint access data for a hardware appliance,according to some example embodiments.

FIG. 10 shows a flow diagram of an example method for managing machineaccounts using the architecture, according to some example embodiments.

FIG. 11 shows a flow diagram for example method for sequencing traffic,according to some example embodiments.

FIGS. 12A-12K show example user interfaces for implementing hardwareappliance authentication, according to some example embodiments.

FIG. 13 is a block diagram illustrating a representative softwarearchitecture, which may be used in conjunction with various hardwarearchitectures herein described.

FIG. 14 is a block diagram illustrating components of a machine,according to some example embodiments, able to read instructions from amachine-readable medium (e.g., a machine-readable storage medium) andperform any one or more of the methodologies discussed herein.

DETAILED DESCRIPTION

The description that follows includes systems, methods, techniques,instruction sequences, and computing machine program products thatembody illustrative embodiments of the disclosure. In the followingdescription, for the purposes of explanation, numerous specific detailsare set forth in order to provide an understanding of variousembodiments of the inventive subject matter. It will be evident,however, to those skilled in the art, that embodiments of the inventivesubject matter may be practiced without these specific details. Ingeneral, well-known instruction instances, protocols, structures, andtechniques are not necessarily shown in detail.

With reference to FIG. 1A, an example embodiment of a high-levelclient-server-based network architecture 100 is shown. A networkedsystem 102, in the example forms of a network-based management platformthat can provide server-side processing via a network 104 (e.g., theInternet or wide area network (WAN)) to one or more client devices 110.In some implementations, a user (e.g., user 106) interacts with thenetworked system 102 using the client device 110. The client device 110may execute the application 114 as a local application, e.g., anapplication integrated into an operation system of the client device 110or a cloud-based application (e.g., through an Internet browser portalaccessible via a user session created after logging in via username andpassword validation).

In various implementations, the client device 110 comprises a computingdevice that includes at least a display and communication capabilitiesthat provide access to the networked system 102 via the network 104. Theclient device 110 comprises, but is not limited to, a remote device,work station, computer, general purpose computer, Internet appliance,hand-held device, wireless device, portable device, wearable computer,cellular or mobile phone, personal digital assistant (PDA), smart phone,tablet, ultrabook, netbook, laptop, desktop, multi-processor system,microprocessor-based or programmable consumer electronic, game consoles,set-top box, network personal computer (PC), mini-computer, and soforth. In an example embodiment, the client device 110 comprises one ormore of a touch screen, accelerometer, gyroscope, biometric sensor,camera, microphone, Global Positioning System (GPS) device, and thelike. The instances may be platform specific to the operating system ordevice in which they are installed. For example, the first instance maybe an iOS application and the second instance may be an Androidapplication.

The client device 110 communicates with the network 104 via a wired orwireless connection. For example, one or more portions of the network104 comprises an ad hoc network, an intranet, an extranet, a virtualprivate network (VPN), a local area network (LAN), a wireless LAN(WLAN), a wide area network (WAN), a wireless WAN (WWAN), a metropolitanarea network (MAN), a portion of the Internet, a portion of the publicswitched telephone network (PSTN), a cellular telephone network, awireless network, a Wireless Fidelity (WI-FI®) network, a WorldwideInteroperability for Microwave Access (WiMax) network, another type ofnetwork, or any suitable combination thereof.

Users (e.g., the user 106) comprise a person, a machine, or other meansof interacting with the client device 110. In some example embodiments,the user 106 is not part of the network architecture 100, but interactswith the network architecture 100 via the client device 110 or anothermeans. For instance, the user 106 provides input (e.g., touch screeninput or alphanumeric input) to the client device 110 and the input iscommunicated to the networked system 102 via the network 104. In thisinstance, the networked system 102, in response to receiving the inputfrom the user 106, communicates information to the client device 110 viathe network 104 to be presented to the user 106. In this way, the user106 can interact with the networked system 102 using the client device110.

The API server 120 and the web server 122 are coupled to, and provideprogrammatic and web interfaces respectively to, one or more applicationserver 140. The application server 140 can host a machine entityplatform 147, which can comprise one or more modules or applications andeach of which can be embodied as hardware, software, firmware, or anycombination thereof. The application server 140 is, in turn, shown to becoupled to a database server 124 that facilitates access to one or moreinformation storage repositories, such as database 126 (e.g., relationaldatabase system, blockchain distributed ledger). In an exampleembodiment, the database 126 comprises one or more storage devices thatstore information to be accessed by the platform 147, such as blockobjects where each block object is a database object corresponding to ahardware appliance 153 (e.g., an autonomous vehicle, a rental vehicle, asmart refrigerator). Additionally, in some embodiments, block objectdata may be cached locally on the client device 110. Further, while theclient-server-based network architecture 100 shown in FIG. 1 employs aclient-server architecture, the present inventive subject matter is, ofcourse, not limited to such an architecture, and can equally well findapplication in a distributed, or peer-to-peer, architecture system, forexample as discussed below with reference to FIG. 3.

FIG. 1B shows an example hardware authentication network architecture150 for management of authentication and processing of hardwareappliance-based requests, according to some example embodiments. In thehardware authentication network architecture 150, a plurality ofhardware appliances 153 interact with the machine entity platform 147(hosted on server 140) for different service tasks that are managed on adatabase 185, such as a distributed ledger or blockchain. Asillustrated, each block of the blockchain references a previous block(e.g., a hash of a previous block), such that any change to previousblocks changes hash values of later blocks and such changes can beinvalidated by blockchain entities (e.g., peers, miners).

The hardware appliances 153 each include a plurality of sensors thatmeasure different parameters of a given appliance. For example, thehardware appliances 153 can be a fleet of cars with sensors 165 thatmeasure different operational parameters of the cars. For instance, insome example embodiments, “sensor 1” is an odometer that measures howfar a given car has traveled, “sensor 2” is a fuel gauge that measuresthe fuel level of the given car, “sensor 3” is a location sensor (e.g.,GPS sensor) that measures the given car's current and past locations,and so on. The sensor data from the plurality of sensors 165 istransmitted to a machine entity platform 147 via a vehicle interface(e.g., a telematics interface, OEM interface, OBD interface, API networkinterface, as discussed in further detail below in FIG. 2). For example,each of the cars can include a network interface (e.g., telematicsdevice with an Internet connection or SIM-card based wirelessconnection) that uploads sensor data over a secure channel to the entityplatform 147. Although a vehicle is discussed here as an examplehardware appliance, it is appreciated that other hardware appliancesthat have a plurality of sensors can likewise be managed by the hardwareauthentication network architecture 150. For example, a smartrefrigerator can include a plurality of sensors (e.g., freezertemperature, main compartment temperature, quantities of items stored),and upload the refrigerator sensor data to the machine entity platform147 over a network interface (e.g., SIM-card based wireless card,physical network cord connections, such as a direct connection to auser's home router).

The machine entity platform 147 includes a hardware interactionmanagement system 170 that manages generating and updating a fingerprintaccess data for each of the plurality of hardware appliances 153. Thefingerprint access data for a given hardware appliance is a value usedto permit or deny interaction requests (e.g., service requests) over thehardware authentication network architecture 150. For example, if a carhardware appliance is low on fuel, a fuel refill request can begenerated by the hardware appliance or by another entity (e.g., fleetowner, service provider), and the fuel refill request is approved orrejected based on the fingerprint access data meeting or not meeting apre-configured threshold in a smartcontract managed by the architecture150. As an example, if the fingerprint access data is out of ten, andfuel refill requests have preconfigured threshold for fuel refills ofseven, then the fuel refill request will be authorized if the car'sfingerprint access data is seven or higher. Different exampleembodiments for generating fingerprint access data for each of thehardware appliances is discussed in further detail below with referenceto FIG. 8.

In some example embodiments, the hardware appliance tasks from whichrequests can be generated are specified in a smartcontract that ismanaged by a blockchain. A smartcontract is a unit of programmable codecontaining conditions and parameters, that can be manipulated byblockchain entities (e.g., peers, miners, clients) to record data on ablockchain. In some example embodiments, the smartcontract specifieshardware appliance tasks that can be automatically or manually approvedfor completion (e.g., via a service provider of the hardware appliance).

Upon completion of tasks or upon receipt of data (e.g., sensor data)from the hardware appliances, entries can be submitted to an immutabledatabase platform 185, such as a distributed ledger. The databaseplatform 185 can include, for example, a cryptocurrency basedblockchain, an Ethereum blockchain, a Hyperledger Fabric blockchainsystem, or other types of immutable distributed database environments.In some example embodiments, the database platform 185 is an externalnetwork with which the machine entity platform 147 interacts (e.g., viasubmission of requests to miners of the blockchain network). Forinstance, according to some example embodiments, the database platform185 is an Ethereum network in which the smartcontracts are interactedwith via requests to Ethereum miners. In some example embodiments, thedatabase platform 185 is a private permissioned blockchain network(e.g., Hyperledger Fabric) managed as part of the machine entityplatform 147 as denoted by the dotted line entity domain 157.

Hardware appliance service providers 180 are entities that interact withthe hardware appliances 153. Example service providers can include amanufacturer that manufactured the hardware appliances (e.g., a carmanufacturer), a fleet owner of multiple hardware appliances (e.g., anadministrator of a company that owns a fleet of rental cars orautonomous self-driving cars), maintenance providers (e.g., automechanics), or machine kiosks, such a toll booth or gas station pumpequipped with a network computer having an API configured to sendinformation, such as sensor data, to API server 120 (FIG. 1). In someexample embodiments, the service providers 180 interact with anapplication user interface 175 (e.g., mobile application, web-browserbased interface) to perform tasks involving the hardware appliances 153,according to some example embodiments. For example, a fleet managerservice provider can request a plurality of maintenance operations froman auto mechanic service provider, where each communication is stored onthe immutable database 185 and further where authentication and approvalare performed using the fingerprint access data as permission accessvalues are input into a smartcontract.

FIG. 2 shows an example runtime data architecture 200 for an automobilehardware appliance managed by the hardware authentication networkarchitecture 150, according to some example embodiment. In the exampleof FIG. 2, the hardware appliance is a car 205 (e.g., self-driving car,rental car) with a plurality of sensors (not depicted in FIG. 2 forbrevity). Example sensor system can include, for example: a door controlunit (DCU), an engine control unit (ECU), an electric power steeringcontrol unit (PSCU, which will generally be integrated into an EPSpowerpack), a human machine interface (HMI), a powertrain control module(PCM, where in some examples, the functions of the engine control unitand a transmission control unit (TCU) are combined into a single unit,which is the PCM), a seat control unit, a speed control unit (SCU), atelematic control unit (TCU), a transmission control unit (TCU), a brakecontrol module (BCM; ABS or ESC), and a battery management system (BMS),and additional sensors that track operational metrics of the hardwareappliance.

In some example embodiments, vehicle data is collected by a vehicle datainterface, such as an OBD interface 210, a telematic interface 215, oran OEM interface 220. The collected data can include non-sensor baseddata stored on the car's memory (e.g., ECU memory), such as VIN data,ignition cycle data, error codes, etc. The vehicle data interfaces inputupload data into a load balancer 225 (e.g., UDP load balancer, TCP loadbalancer), which distributes the uploaded data to a plurality of parsers230 (e.g., UDP parsers, TCP parsers). The data output from the UDPparsers 230 is then collected in a message service 235, such as AmazonSimple Queuing Service (AWS-SQS). The queued messages are then inputinto an application interface 240 managed by the entity platform 147,such an Elixir Application RestAPI. The collected data can then bestored in a database 245 (e.g., a database management system, such asOracle Relational Database System (RDMS), Amazon RDMS, Apache Hadoop).In some example embodiments, different types of data from the vehicle205 are updated at different times or rates. For example, fuel data maybe received from the vehicle 205 and stored in database 245 every hour,whereas log data (e.g., VIN) is received from the car and stored in thedatabase 245 once per day due.

The hardware interaction management system 250 (e.g., an exampleembodiment of system 17) then analyzes the vehicle data stored in thedatabase 245 and generates fingerprint access data for the vehicle 205,which can be updated using new sensor data (e.g., periodically updated,updated in response to a service request, etc.). In some exampleembodiments, the vehicle data is stored in an immutable distributeddatabase, such as a blockchain database 255. The blockchain databasefunctions as an immutable storage device for records of the vehicle andcan further be configured to manage smart contracts that serviceproviders 260-270 use to interact with the vehicle 205. In the exampleillustrated, a first service provider 260 is a fleet owner that owns aplurality of rental cars, including vehicle 205; the second serviceprovider 265 is a bank that manages payments between the vehicle 205 andother service providers, such payments or invoices from the thirdservice provider 270 (e.g., a mechanic) to the first service provider(i.e., the fleet owner).

FIG. 3 shows an example blockchain network architecture 300 forinteractions between blockchain entities, according to some exampleembodiments. In the example embodiment of FIG. 3, four entities aredisplayed, including a first entity 305, such as a vehicle manufacturer;a second entity 310, e.g., a service provider such as a parking meter,toll, gas station kiosk (via smart network enabled point of sale RFIDsensor), human auto-mechanic (e.g., via mobile app or web portal); athird entity 315, such as a payment processor (e.g., a bank, a paymentnetwork such as Visa, or another blockchain network such as acryptocurrency network), and a fourth entity 320, such as the machineentity platform 147 or miner (e.g., an Ethereum miner node).

In some example embodiments, each of the blockchain entities includes amembership service provider 317A-D (MSP) that manages credentials toclients 325A-C and to nodes of a peer node network 330 that comprises aplurality of peers, such as peer node 333. Each of the entities areconnected through a permissioned channel (e.g., Hyperledger channel),and different levels of data can be viewed by different entities,according to some example embodiments. For example, if the third entity315 is a banking network, then the channel connecting the peers of thethird entity 315 (e.g., banking network) may have permissions to viewall data interactions with a smart contract, whereas the other entities(e.g., a car mechanic service provider) may not have access to viewunencrypted messages generates by the peers of the banking network.

The clients 325A-C provide programmatic access to generate interactions(e.g., hardware appliance requests, blockchain record requests, vehiclemachine account invoice) to the peer node network 330. For example, ifthe first entity 305 is a car manufacturer, the clients 325A correspondto vehicles (e.g., cars, trucks, autonomous cars) that can generaterequests for maintenance (e.g., fuel refill, brake maintenance, etc.),which is evaluated by one or more of the peers by way of a smartcontract managed by the peers. For example, peer node 333 can evaluate arequest from one of the clients 325 and grant or reject the requestbased on fingerprint access values from the car, as discussed in furtherdetail below. The interactions with cars (e.g., sensor data, generatedrequests, completed maintenance, completed payments) can be stored in animmutable chained record, such as the blockchain 319. In some exampleembodiments, the peers in the peer node network 330 implement adistributed consensus protocol, such as Proof-of-Work, Proof-of-Stake,or an ordering service with a pluggable consensus network. For instance,the fourth entity can manage an Apache Kafka consensus scheme that plugsinto a Hyperledger Fabric blockchain network, and the peers in the peernetwork are Hyperledger peers. In some example embodiments, anotherentity controls the ordering service with the consensus scheme. Forexample, the fourth entity 320 can be a bank or can be a machine entityplatform 147 that runs a Hyperledger ordering service to manage allpayments and requests and data within the network 300. In some exampleembodiments, the throughput of requests transmitted to one or more ofthe entities is monitored as indicated by throughput 331. The amount ofdata transmitted to a given entity (e.g., third entity 315) can then besequenced so as to not overload a given entity with a multitude ofrequests (e.g., micropayments) as discussed in further detail below.

In some example embodiments, not each entity manages a peer in the peernode network 330. For example, although in the example of FIG. 3, thesecond entity 310 is illustrated as comprising a peer node, in someexample embodiments, the second entity comprises only a client that cangenerated requests to record data in the blockchain. For instance, ifthe second entity 310 is an auto mechanic, the client 325B can beconfigured as a web browser-based cloud software portal that allows theauto-mechanic to record completion of maintenance performed on a givencar. In those example embodiments, the request from auto-mechanic isauto-approved for recordation to the blockchain without evaluation offingerprint data. In other example embodiments, the requests from theauto-mechanic client are not auto-approved, and instead the fingerprintdata from the car is evaluated to ensure that the requested task wascompleted. For instance, the auto-mechanic client may submit a recordrequest that a given car was refueled, but the record request is notgranted until the fingerprint values from the car including the gasgauge sensor indicate that refueling actually occurred.

FIG. 4A shows an example blockchain runtime architecture 400, accordingto some example embodiments. In the example illustrated, the client 405is a software application (e.g., mobile application with an integratedSDK) installed on a user device (e.g., a smartphone), an applicationinstalled in a hardware appliance (e.g., a smart car with an onboardcomputer that can generate requests), or a browser interface of cloudsoftware (e.g., website based portal accessed through an Internetbrowser). The client 405 can initiate requests, such as a proposal whichis submitted to a peer 415. The peer 415 (e.g., peer node 333, FIG. 3)then simulates the request to determine whether the request complieswith a smart contract managed by the peer 415. For example, the peer 415can identify what task is being requested (e.g., a service request, whattype, what value) as well as authentication parameters provided by theclient 405 (e.g., fingerprint data) to determine whether the requestshould be rejected or approved.

In some example embodiments, the smart contract is distributed amongstthe peers and the smart contract is observable by any of the peers, suchthat participant peers have visibility into actions performed by otherpeers, verifiable such that the participants to a given request (e.g.,transaction involving the smartcontract) can prove the agreed terms inthe distributed smartcontract have been met or breached, and privatesuch that visibility of the contents of smart contract interactions areonly visible to those participant peers that are necessary toperformance of the requested smartcontract interaction (e.g., viasession encryption keys).

If the request conforms with the smartcontract via simulation, therequest is approved and the peer 415 endorses the proposal by signingit. The endorsed proposal is then submitted by the client 405 to anorderer 410. The orderer 410 (e.g., a sub-module within hardwareinteraction management system 170, FIG. 1b ) can implement a pluggableconsensus network, such as an Apache Kafka cluster installed on ApacheZookeeper. The orderer 410 batches transactions and conveys the batchedtransactions to the peer 415 for inclusion in the distributed ledger.The batches constitute the block of a blockchain, where block size canvary in size based on how many transactions are to be recorded in agiven block (e.g., ‘BatchSize’ Hyperledger parameter, specifying aquantity of messages/transactions per block, such as 10 transactions perblock), or a time limit (e.g., by setting a ‘BatchSize’ parameter, suchas: batch all transactions received within the previous 60 seconds intoa block), according to some example embodiments.

The peer 415 receives the batched transactions and can reconfirm that nochanges have been made to the transactions (e.g., the read-write set inthe transaction to be written to state have not been modified), and ifno changes are made the peer 415 records the transactions to thedistributed ledger, e.g., blockchain and/or writes data to the statedatabase for that vehicle or block object. In some example embodiments,in determining that the batched transactions are still valid, the peer415 revalidates the fingerprint data of from the client 405 (e.g.,accesses fuel gauge data to revalidate that refueling did occur) andthen submits transactions to the blockchain upon revalidation.

In some example embodiments, the smart contract corresponds to the logicrules agreed upon rules between the entities (e.g., entities 305, 310,315, 320), where the transactional data is stored in two differentdatabases, such as a world state database and the blockchain distributedledger. The world state database holds the latest value of a hardwareappliance asset in the architecture 150. For example, a hardwareappliance can be assigned a credit in a blockchain wallet machineaccount, which can be credited or debited based on interactions with thehardware appliance. For instance, a block object for a new car can becreated, and the world state can record a bridge toll value forunlimited bridge toll payments (e.g., as evaluated through the smartcontract) for the first 10,000 miles traveled by the car or for threeyears from data of sale (as recorded in the blockchain), whichever comesfirst. Then, as micropayment toll invoices are incurred, the machineaccount in the world state for that car is debited to reflect thecurrent value.

In some example embodiments, application logic on the client 405 caninvoke calls to interact with the smart contract managed by the peer.The calls can be invoked via web-portal (e.g., cloud service activesession) or via an application with an SDK. The calls are processed bythe conditional logic integrated into the smart contract managed by thepeers. Example call commands include: “put”, “delete”, and “get”, where“put” and “delete” commands are requests to change data, e.g., put oradd data to the blockchain or delete data from the world state database(not delete from the blockchain as it is immutable); and the “get”command is a request to read from the world state or blockchain, anddoes not cause data to be modified, according to some exampleembodiments.

Although the example embodiment of FIG. 4A is discussed an exampleHyperledger implementation, in which an ordering service and peers canbe distinguished as separate entities, in some example embodiments, aminer entity 420 functions as both the peer node (that interacts withthe smart contract to validate, endorse, and update state changes) andfurther functions as the orderer 410 in that the miner entity 420batches up transactions based on miner's fees included with smartcontract interaction requests. For example, in some example embodiments,the blockchain runtime architecture 400 is an Ethereum blockchainnetwork, where the client 405 is a client device that submitsinteractions addressed to the smart contract network address, which isstored and managed by a plurality of miners such as miner entity 420,which are Ethereum miners that mine blocks of the Ethereum blockchain ona Proof-of-Work or Proof-of-Stake based consensus protocol.

FIG. 4B shows example smart contract 450 as a finite state machine,according to some example embodiments. In the illustrated example, thesmart contract comprises a plurality of states including a pending state460 in which a given request is to be initially evaluated or waiting forrevalidation, a hold state 465 in which manual end-user inputs arerequired (e.g., manual approval of a request from an auto-mechanic useror a banking administrator), a reject state 475 in which a request isrejected as failing to conform with the pre-configured terms of thesmart contract, and an approve state 470 in which the request is grantedbased on the interaction being requested and/or the fingerprint data.

The request data 455 includes a block object identifier (e.g., a uniqueID that used to initially identify but not authenticate the vehicle forwhich service is requested), task data specifying one or more tasksbeing requested (e.g., bridge toll payment request, vehicle fuel refill,washing machine laundry detergent refill, printer ink cartridge refill),and can further include fingerprint access data that functions toauthenticate that the request is for a valid entity. For example, thefingerprint data can be used to reject transactions if the fingerprintdata does not meet a specified threshold, or other conditions (e.g., anexisting flag condition). In the example illustrated, the fingerprintdata of the request data 455 includes granular value data which can bemodified incrementally and weighted, global warning data which tracksreoccurring issues, and flag data that flags errors (e.g., vehicleissues that are rare but serious when and if they arise, such asVIN-IMEI mismatch, odometer rollback). Further details of thefingerprint access data are discussed in further detail below withreference to FIG. 8.

The request data 455 can be simulated by a peer node using thesmartcontract states to approve, reject, place on hold, or otheractions, such as revalidation. For example, assume the smart contract450 specifies that automatic approval of transactions involving lessthan $50 require a fingerprint granular value data of a vehicle to beabove 7, and further assume that the request data 455 is for a refillservice request and the fingerprint data indicates the vehicle has afingerprint value of 9. In this example, the request data 455 enters thepending state, which is a queue within the peer node. Upon validation,the peer node can ascertain that the refill request is for 5 gallons offuel, and that the vehicles fingerprint value is 9, which is over thespecified threshold. In response, the peer node transitions the requestto the approve state automatically, without further human user approvalrequired. In some example embodiments, even if the conditions aresatisfied (e.g., below the price amount, above the fingerprintthreshold), the request remains in the pending state 460 untilrevalidation 480 occurs (e.g., reconfirmation of fuel added). In someexample embodiments, the revalidation 480 is implemented as a cycle, ora time delay loop (e.g., wait one hour, then attempt revalidation),while in other embodiments, the revalidation is event driven, forexample by implementing Key-Value Observing objects (KVOs) that monitorthe fuel state property of the car's block object and in whichrevalidation is triggered upon a KVO indicating the fuel state propertyhas changed.

As an additional example, assume that the smart contract requires manualapproval if a global warning value indicates a reoccurring issue withthe requesting object (e.g., the car) or requires manual approval if anerror flag is raised. For example, if the request data 455 indicatesthat the odometer flag value is set (e.g., indicating the odometer hasbeen rolled back), the smart contract transitions into the hold state465 which requires manual human user inputs of approval (e.g., via userinterface buttons) to approve the request and transition to the approvestate 470, the rejection state 475, or the pending state 460 (e.g., forrevalidation 480 at a later time). Additional request rules can beconfigured into the smart contract finite state machine 450 as requiredper different classes of hardware device. For example, a smart laundrymachine may have an electricity usage sensor, where the averageelectricity usage value over the past month is used to prove the laundrymachine is environmentally friendly and requests from laundry machinesthat are not environmentally friendly are automatically rejected, basedon those machine's electricity usage exceeding a value set in thedistributed smart contract.

FIG. 5 shows a network lane diagram 500 for interactions betweendifferent entities of the network, according to some exampleembodiments. In the illustrated example of FIG. 5, a hardwareinteraction system 505 (e.g., hardware interaction system 170, fourthentity 320) performs operations 505A-505E, a hardware appliance serviceprovider 510 (e.g., auto-mechanic, refrigerator repairperson, secondentity 310 or third entity 315 in FIG. 3, hardware appliance serviceprovider 130, a car manufacturer or fleet owner, etc.) performsoperations 510A-510E, a payment processor entity 515 (e.g., a bankingentity, third-party Bitcoin exchange site, an accounting departmentwithin a company, third entity 315 in FIG. 3) performs operations515A-515B, and a blockchain entity 520 (e.g., a component or Kafka-basedordering service managed by hardware interaction system 170 in FIG. 1B,fourth entity 320 in FIG. 3, an external miner such as an Ethereumminer) performs operations 520A-520E.

At operation 505A, the hardware interaction system 505 creates a vehicleinventory for management by the machine entity platform (e.g., machineentity platform 147). For example, a fleet of rental cars are input asblockchain objects for management, where each rental car has sensors orparameter data (e.g., vehicle identification number (VIN), internationalmobile equipment identity (IMEI)) used to generate respectivefingerprint access values. Further, each of rental fleet car objects arerecorded as blockchain fingerprinted access objects at operation 520A byblockchain entity 520.

At operation 505B, a vehicle event is detected and recorded in the blockobject for the vehicle at operation 520B. For example, one of the rentalcars submits a service request for fuel refill in response to the fleetowner or vehicle itself triggering a fuel request.

At operation 510A, the service provider portal is updated. For example,a web-portal user interface of an auto-mechanic indicates that one ofthe rental cars needs a fuel refill. At operation 510B, the serviceprovider performs the service (e.g., refuel) and the portal userinterface, at operation 505C, displays a pop-up notification to indicatethat the vehicle is being serviced. After servicing, the serviceprovider selects a completion button in the web-portal UI at operation510C. Further, upon completion of the service, a notification or recordindicating that the service is complete is recorded in the blockchain at520C and further a notification is transmitted to the hardwareinteraction system 505, which accesses the fuel gauge sensor of the carat operation 505D and validates that service is completed (e.g., asindicated by the fuel gauge indicating fuel was added to the tank). Thevalidation information is also recorded at operation 520C within theblockchain.

Upon completion of the task, the service provider generates an invoicefor payment at operation 510E, which is transmitted to the paymentprocessor entity 515 at operation 515A for simulation. At operation515A, the payment processor entity 515 access the blockchain data toconfirm that a valid service was requested (e.g., in response to anevent, at operation 505B), and further confirms that service is completevia the data recorded in the blockchain at operation 520C. In someexample embodiments, the simulation is performed by a peer node managingthe smart contract and upon the simulation being completed, the paymentrequest is endorsed (e.g., cryptographically signed) by the paymentprocessor entity 515 and recorded at operation 520D. At operation 515B,the payment entity completes payment operation 515B and records paymentcompletion at operation 520E in the blockchain ledger and the portal isupdated (e.g., pop-up notification) at operation 505E. In some exampleembodiments, the mechanism for payment is external to the operations ofFIG. 5, for example, the payment processor entity 515 may send aphysical check via postal mail, transfer payment electronically (e.g.,PayPal, Visa, perform a wire transfer), then record that payment iscompleted at operation 515B. In some example embodiments, payment iscompleted via a blockchain token managed by the blockchain entity 520.For example, the token can be an Ether token (e.g., a cryptocurrencyunit of the Ethereum network) and the blockchain entity 520 transmitspayment in Ether tokens from an account managed by the payment processorentity 515 to the hardware appliance service provider 510 or to amachine account of the vehicle (as tracked in the world state data forthe vehicle).

FIG. 6 shows example functional engines of the hardware interactionmanagement system 170, according to some example embodiments. To avoidobscuring the inventive subject matter with unnecessary detail, variousfunctional components (e.g., engines) that are not germane to conveyingan understanding of the inventive subject matter have been omitted fromFIG. 6. However, a skilled artisan will readily recognize that variousadditional functional components may be supported by the hardwareinteraction management system 170 to facilitate additional functionalitythat is not specifically described herein.

As is understood by skilled artisans in the relevant computer arts, eachfunctional component (e.g., engine) illustrated in FIG. 6 may beimplemented using hardware (e.g., a processor of a machine) or acombination of logic (e.g., executable software instructions) andhardware (e.g., memory and processor of a machine) for executing thelogic. Furthermore, the various functional components depicted in FIG. 6may reside on a single computer (e.g., a laptop), or may be distributedacross several computers in various arrangements such as cloud-basedarchitectures. Moreover, any two or more modules of the hardwareinteraction management system 170 may be combined into a single module,or subdivided among multiple modules. It shall be appreciated that whilethe functional components (e.g., engines) of FIG. 6 are discussed in thesingular sense, in other embodiments, multiple instances of one or moreof the modules may be employed.

As illustrated, the hardware interaction management system 170 comprisesan ingestion engine 600, a fingerprint engine 605, a block engine 610, amachine account engine 615, an application engine, a sequence engine625, and a database engine 630. The ingestion engine 600 is configuredto retrieve hardware appliance data from the hardware appliances (e.g.,via a sensor interface) or from third party network sites. Thefingerprint engine 605 is configured to generate fingerprint access datafor each of the hardware appliances. The block engine 610 manages ablockchain interactions (e.g., a peer node, a consensus-based orderingservice). The machine account engine 615 manages tracking an asset valuewhich can be credit or debited as tasks (e.g., service requests) areprocessed. The application engine 620 is configured to generate userinterfaces which can be displayed to clients of the hardware interactionmanagement system 170. The sequence engine 625 is configured to monitorthroughput of network traffic to one or more entities interfacing withthe hardware interaction system 170 and sequence traffic transmitted tothe entities based available throughput, as discussed in further detailbelow. The database engine 630 manages non-blockchain based data for thehardware appliances, e.g., in a relational database management systemsuch as database 245 which can track hardware appliance IDs and useraccounts for clients, according to some example embodiments.

FIG. 7 shows a flow diagram for an example method 700 for generating andmanaging fingerprint access data for a hardware appliance, such as acar, according to some example embodiments.

At operation 705, the ingestion engine 600 identifies a vehicle type forwhich fingerprint access data is to be generated. In some exampleembodiments, which data values are included to generate a fingerprintaccess value for a given vehicle is based on the given vehicle's type(e.g., year, make, model), because different vehicles have differentconfigurations and operational parameters (e.g., different types ofsensors, quantity of sensors, different serial data, etc.) For instance,if the fingerprint access value is generated for a modern luxury coupe,then all five data points discussed in FIG. 8 are utilized to generatethe fingerprint access value for the modern luxury coupe because modernluxury coupes generally have the latest technology with a large amountsof sensors. Whereas, for example, a 1997 pickup truck may only have anodometer reading that can be recorded via a physical OBD plugin, andthus only the mileage state value may be used to generate the 1972'spickup truck's fingerprint access value.

At operation 710, ingestion engine 600 receives vehicle data such assensor data, log data, or third-party website data. In some exampleembodiments, the fingerprint access value is generated from differentdata points provided through the vehicle's data interface, e.g., thevehicle's telematics interface. The data interface can be integratedinto the vehicle itself (e.g., integrated into a car's computer system)or be implemented as a plug-in module (e.g., a physical device that canbe plugged into a vehicle's OBD port to continually record and uploaddata to the system 170).

At operation 715, the fingerprint engine 605 generates fingerprintaccess values based on the identified vehicle type (e.g., based onavailable state sensor data points available for that vehicle type). Thefingerprint access value for a given vehicle indicates the vehicle'strustworthiness in the network architecture 150. For instance, thefingerprint access value functions as a signature value (e.g., digitalsignature), derived from vehicle data, that functions to authenticatethe vehicle and demonstrate that a given service request is originatingfrom the vehicle it claims to be, where the level of access is grantedor rejected based on the type of request being generated (e.g.,transactional amount for the request) and pre-set smartcontract valuesmanaged by the smart contract. In some example embodiments, each vehicledata point used to generate the fingerprint is weighted (e.g., from 1 to10) using preconfigured weights that are based on the individual datapoint's usefulness in authenticating the vehicle. For instance, in someexample embodiments, the odometer reading is preconfigured with a hightrust weight (e.g., 7, 8, 9, 10), as the odometer value should beincrementing as a function of time, which is a pattern that isconsistent and difficult to spoof. Whereas fuel-level readings can bepreconfigured with a lower weight because fuel-level data fluctuates,and is somewhat more noisey and less consistent, and thereby less usefulin authenticating the vehicle. For instance, it is unlikely that a givenvehicle's mileage will jump from 50,000 miles down to 20,000 miles or upto 80,000 miles in normal operating conditions. Thus, a service requestfrom a car with an odometer reading that has been rolled back 30,000miles or increased 30,000 miles overnight is likely fraudulent. Whereas,just because a vehicle's fuel-level reading is not consistent with thecar's past data does not necessarily mean the car has been manipulated:the anomalous fuel-level readings may be due to a valid fuel pumpproblem, which does not impugn the car's authentication ortrustworthiness within the architecture 150.

In some example embodiments, the gathering and usage of the differenttypes of vehicle data can vary. For instance, the VIN state value can beupdated once per day as a vehicle's VIN data does not vary often,whereas the odometer reading may be pulled from the vehicle to updatethe fingerprint access value multiple times per day as the odometerreading increases per distance travelled.

In some example embodiments, each type of vehicle state data is analyzedusing three elements, including (1) a granular value data score, whichis the sum of all the granular data points multiplied by a weight forthat data type, (2) a global warning running value, which is thequantity of times a risky occurrence is detected over a longer time span(e.g., one week) or a longer record span (e.g., within the last 100records), or from multiple different types of sensor data (e.g., datafrom the fuel sensor, and data from the tire pressure sensor, and (3) anerror or rejection flag, which is a flag that can be triggered when apreconfigured condition is detected for that given state data pointtype.

As an illustrative example, assume the hardware appliance is a car withtwo types of data points used to generate the fingerprint access value:a VIN state value that analyzes the car's VIN data, and a fuel levelstate value that analyzes the car's fuel gauge readings. An exampletable is displayed below, though it is appreciated the table is merelyan example of data algorithmically generated via looping controloperations (e.g., a for loop for each class of vehicle data type to beanalyzed), and no tables need be generated to generate the fingerprintaccess values.

TABLE 1 State Initial State State Current Type Value Weight MaximumState Value VIN 10,000 0.8 8,000 8,000 Fuel 10,000 0.2 2,000 500 10,0008,500

In the above table, the first column lists the state data type for thatrow, such as any sensor data or parameter data (e.g., VIN data, serialdata, log data) derived from the hardware appliance. The initial valuerow lists the initial state value for each state data type. The stateweight column lists pre-configured usefulness weightings that attenuatevalues based on how useful the data type is in authenticating a vehicle.The state maximum column lists a state value maximum value obtainablefor that state data type per the weighting (e.g., for VIN, 10,000 ismultiplied by the 0.8 weight to yield a maximum usefulness of 8,000 forVIN state data). The current state value is the state value for thatcar, which is created granular value algorithm for that data type. Forexample, with reference to the VIN row, the initial value is weightedfrom 10,000 to 8,000 (as multiplied by 0.8), due to VIN records beinggenerally trustworthy but not dispositive in a car's identity. Further,the car's VIN records are then analyzed, and the 8,000-state maximum canbe reduced or kept the same based on granular increments (e.g.,decrementing from 8,000 by 1,500 for each VIN record that does not matchits value from a previous VIN record). In the example in the table, theVIN records for the car did not necessitate the State Maximum value bemodified, thus the car's state value for the VIN state data point is8,000. In contrast, the fuel data type is weighted down to 2,000 maximumas fuel levels are less useful in authenticating the car due theirdynamic noisey nature. Further, the vehicle's state maximum wasdecremented from 2,000 to 500, which are due to granular adjustments.The two current granular values are then added together to yield agranular total value 8,500 which is measured against the total stateaggregate value of 10,000 (8,000 from the VIN row, and 2,000 from thefuel row). For instance, the score of the vehicle can be expressed as apercentage or ratio: 85/100, which is then stored as the car'sfingerprint access score. Additional detailed examples of modifying thefingerprint to yield the Current State Value for a given data type arediscussed below with reference to FIG. 8 below.

Continuing, at operation 720, the block engine 610 updates a blockobject for the vehicle, where the block object includes the fingerprintaccess data. In some example embodiments, each block object isidentified by a block object identifier, which functions as a uniqueidentifier for a given block object that tracks a given hardwareappliance (e.g., vehicle). That is, for example, a first block objectcan be created for a first autonomous vehicle, where the firstautonomous vehicle has a first unique identifier (e.g., “0001”) and oneor more items of fingerprint data (e.g., 77/100, “0” global values, “0”flag value), a second block object can be created for a secondautonomous vehicle, where the second autonomous vehicle as a secondunique identifier and one or more items of fingerprint data (e.g.,77/100, “0” global values, “0” flag value). The unique identifier can beused to initially identify what vehicle is involved in a giventransaction. However, mere submission of a given vehicle's block objectidentifier may not authorize or validate the request; rather, thefingerprint data is computed and compared against overall data for thatvehicle to continuously validate the vehicle in a secure manner that isdifficult to defraud. That is, whereas a credit card number is used bypast approaches to approve a task, the unique identifier here is merelyused to initially track records, and the authentication and approval ofa given task is performed via the fingerprint data, which iscontinuously updated at operation 725 using hardware appliance provideddata.

FIG. 8 shows a flow diagram or example method 800 for generatingfingerprint access data, according to some example embodiments. Themethod 800 is an example subroutine function that can be called byoperation 715 of method 700. Upon invocation, method 800 executesadditional sub-routines to generate a plurality of vehicle fingerprintdata points, which are combined to generate the fingerprint access valuewhich is returned or otherwise stored in memory upon completion of thesubroutine function.

Within each of operations 805-825 the granular value data is modified bya custom granular scheme for that data type (decrementing 1,500 for eachanomalous VIN record), and at the end of operation 825, the five storedgranular data values are combined at operation 835 to generate thefingerprint access value (e.g., 91/100 in FIG. 12C), according to someexample embodiments. Further, at each of the operations 805-825, if aglobal warning condition is met, then the global count data is updatedat operation 827, and if a flag condition is met for that state datatype, then the flag data is updated at operation 830. The global warningcount data and the flag data can then be used to modify the generatedaggregated score (decrement the granular data by 5,000 if a flagexists), or stored as separate values at operation 840 (e.g., a tuplecomprising: a granular score, global count value, and flag value) whichcan be used to grant or authorize different requests by the smartcontracts on-chain. For instance, the smart contract can specifyautomatic rejection of a task if a global warning count surpasses aspecified threshold, where the global warning count is analyzed as adata value separate from the granular score data.

A detailed example for each of the operations is here discussed, but itis appreciated that the values mentioned are examples, and can bedifferently configured or specified based on different data typesavailable or hardware appliances.

At operation 805, the fingerprint engine 605 generates a serial statevalue. The serial state authenticates the vehicle based on the vehicle'sidentifiers, such as a license place, VIN number, manufacturercode/model, or other numerical identifiers. In some example embodiments,the granular serial state value is performed by: first setting theinitial value of the granular serial state value to 10,000; followed byretrieving the last 20 days worth of serial data (e.g., last 20 daysworth of VIN records pulled from car, last 20 days of VIN-IMEIcombination pair data pulled from car); followed by decrementing 10,000by a preset amount for each of day that is missing serial data (e.g.,decreasing 500 points for a first data of missing VIN data, decreasingan additional 500 for a second day of missing VIN data, or decrementingby 500 for each data in which the VIN-IMEI combination changes);reducing the resulting value by the serial weighting (e.g., reducing bymultiplying by 0.8), and storing the resulting value.

An example global warning parameter includes: incrementing the globalwarning counter at operation 827 if the quantity of serial data changessurpasses a threshold. For example, if the VIN-IMEI combination changesmore than five times in the past week, then increment the global warningcount for the vehicle at operation 827.

An example rejection flag parameter includes: set a rejection flag atoperation 830 if the VIN or VIN-IMEI pair changes in the first 10records for the vehicle (e.g., the first 10 records in the block objectfor the given vehicle).

At operation 810, the fingerprint engine 605 generates a fuel statevalue. For example, the last few thousand fuel gauge readings for thevehicle are accessed and measured against the corresponding odometerdata for each fuel gauge reading to determine whether the increase inmileage is congruent with the decrease in the fuel level. For example,the initial value can be set to 0 instead of 10,000, and for each fuelrecord (in the last few thousand) that decreases in proportion to theodorometer increase, add an increment (e.g., 500) to the initial value.

As an additional example, a fuel usage metric (e.g., miles per gallon,mpg) can be accessed directly from the vehicle sensor interface, and foreach increase in mileage, divide by the mpg to determine expectedgallons of fuel used, and if the actual fuel is within range (e.g., 30%)of the expected fuel used, then add 500 to the initial score. Forinstance, if a coupe traveled 100 miles and the vehicle interface sensoruploaded a 10 mpg value, then the 100 range is divided by the mpg valueto indicate an expected fuel reduction value of 10 gallons.

An example global warning parameter includes: incrementing the globalcounter at operation 827 if the amount of fuel used is negative too manytimes within a set time span. For example, if the fuel used compared tothe distance traveled is negative (e.g., a fill up occurred) more than 5times in one day, then increment the global counter at operation 827.

An example rejection flag update includes: set a rejection flag atoperation 830 if there is an incomplete seal in the fuel system (gas capissue), or if the vehicles ignition is activated while refueling.

At operation 815, the fingerprint engine 605 generates a battery statevalue. For example, the last 30 days of battery data for the vehicle isaveraged and compared against the last 24 hours worth of battery data todetermine whether the last 24 hours of battery data is within margin ofthe average value from the last 30 days. For example, set the initialvalue to “0” and check each of the last 24 hours, and add 415 points foreach hour that is within 20% of the 30-day average.

Further, as shown in FIG. 8, each of the data points measured may or maynot have contributions to the global count and error flag. For example,the battery data may have a global counter value to be tracked asindicated by the dotted line extending from operation 815 (e.g., changein battery voltage by more than 50% indicating a fraudulently swappedbattery), but there is no contribution from operation 815 to flag datamemory value updated and managed via operation 830. This can be due tonot all car issues having an effect on the car's trustworthy-ness. Forexample, the battery may be dead from the lights being left on, which isa mechanical issue that may decrement the granular value data for thecar, but it is not a car authentication issue that is serious enough toset a rejection flag at operation 830.

At operation 820, the fingerprint engine 605 generates an odometer statevalue. For example, starting from an initial value of 0, increment 500for each 10th odometer reading that is positive in value (indicatingthat a positive distance was traveled by the car). An example of aglobal warning value from the odometer state value of operation 820 isincrementing the global warning counter if the distance travelled valueis negative (indicating possible odometer rollback). An example odometerflag set can include if the odometer has been rolled back more than apre-set amount (e.g., 5,000 miles) over any amount of time.

At operation 825, the fingerprint engine 605 generates a location statevalue. For example, the last 10,000 GPS readings from the vehicle areidentified, and the speed is calculated from the latitude/longitude andcorresponding time data; followed by decrementing an initial value of10,000 for every other reading indicating the car was likely travelingover a pre-configured speed (e.g., 100 miles per hour).

An example of a global warning parameter from the location data includesincreasing the global counter at operation 827 if the pre-configuredspeed was exceeded a pre-set amount (e.g., more than 100 miles per hour,more than twenty times per month). An example rejection flag from thelocation data includes setting a rejection flag if the vehicle locationchanges more than a pre-set distance per day (e.g., if the car travelsmore than 1000 miles in 2 hours, set a flag at operation 830).

At operation 830, the fingerprint engine 605 generates a granularvehicle permission access value from the generated granular statevalues. For example, at operation 830, the fingerprint engine aggregateseach of the granular state values generated from the operations 805-825to generate an aggregate value (e.g., 8,500 in the example using thetable above), which is then stored as the fingerprint access value forthe vehicle.

In some example embodiments, the global warning data and the flag datais used to modify the granular score value. For example, for each countin the global counter, decrease by a large value (e.g., larger than isused to increment in the granular operations). In some exampleembodiments, the global counter data is analyzed to determine if aglobal threshold is met, and if and only if the global threshold is metis the global counter values utilized to decrement the aggregatedgranular scores. For example, if there are three or more global countsstored, then decrement 2,000 from the aggregated granular scores foreach global count over three, otherwise do not change the aggregatedgranular score (e.g., if the global warning count is less than 3).

In some example embodiments, anytime there is one or more global flagset at operation 830, the aggregated score is set to a pre-configuredlow value: 1,000 out of 10,000.

In some example embodiments, the global warning counter data and therejection flag data is not used to modify the aggregated granular scoredata. Instead, the fingerprint granular access value, the global warningcount, and error flag data are stored as tuple or array at operation840. In these example embodiments, smartcontracts managed by thearchitecture 150 can specify conditions using the three fingerprint dataitems, such as authorize a certain request only if no flag data is set,or reject any transaction if the fingerprint access value is below someset threshold.

FIG. 9 shows an example flow diagram of an example method 900 formanaging a vehicle request using a smart contract fingerprint accessvalues for the vehicle, according to some example embodiments. Atoperation 905, the block engine 610 stores the smart contract forvehicle. For example, the block engine 610 distributes a pre-configuredsmart contract to multiple block chain entities for processing via peernodes. At operation 910, block engine 610 receives a vehicle requestfrom the client (e.g. request generated by a vehicle, a requestgenerated by a client using a web browser portal). At operation 915, theblock engine 610 identifies a smart contract states and parameters, asdiscussed in FIG. 4B above. At operation 920, the block engine 610processes the vehicle request based on the smart contract parameters andthe fingerprint data generated for the vehicle. At operation 925, theblock engine 610 updates fingerprint access value database on therequest being completed. At operation 930, block engine 610 revalidatesthat the requested task has been performed, e.g., by access sensors ofthe vehicle.

FIG. 10 shows a flow diagram of an example method 1000 for managingmachine accounts using the architecture 150, according to some exampleembodiments. As an illustrative example, the machine account isdiscussed as a fuel credit that is updated as the vehicle consumes fuel.For example, a car manufacturer can manufacture a V8 luxury coupe andsell the coupe with an integrated “Free Gas for the first 10 years or$15,000 dollars, whichever is incurred first” deal, that functions as acredited data value that is managed via a machine account of a blockobject created for the coupe and managed by the architecture 150. Themachine account deal for fuel is thus integrated with the car, and issold to the end-user. As the car incurs miles, fuel transactions ormicrotransactions are created, and authentication via the vehicle'sfingerprint data is performed, and the fuel paid for against or bydebiting the vehicle's machine account for that purpose (e.g.,refueling). In this way, the machine account can is tied to the vehiclewith little to no maintenance by the manufacturer for downstream owners.For example, the luxury coupe can be transferred from a first end-userto a second end-user after the first year and the fuel machine accountis transferred with the car with no title updates required. That is, thesecond user does not have to prove they own the car; rather, requestsfor fuel are validated based on the car's fingerprint data (e.g., fromsensor data), which is agnostic to end-user title records. In someexample embodiments, the machine account is pre-credited by themanufacturer by paying a payment processing entity of the architecture150 (e.g., the third entity 315 in FIG. 3). In other exampleembodiments, the obligation for the manufacture to pay for the coupe'sgas is recorded within the smart contract logic managed by the peers.For example, instead of pre-payment of $15,000 to the coupe's blockobject machine account, the smart contract can be configured withautomatic approval logic that approves fueling requests that areauto-paid by the car manufacturer within the specified terms (e.g.,within the 10 years, or less than $15,000 worth of fuel used). Further,in some example embodiments, the blockchain architecture 150incorporates a cryptocurrency token (e.g., Bitcoin, Ethereum's Ether, ortokens specifically created for the manufacturer channel within network150) and the fuel payments are debited as tokens from the machineaccount for the coupe, which is functions as a permanent blockchainwallet for the vehicle. For example, the machine account can have apublic key of an Ethereum based wallet, to which the car manufacturerdeposits $15,000 worth of tokens, which are used for future paymentswith little to no maintenance or interactions from the car manufacturer.That is, the car manufacturer can agree to logic in the contract, thendeposit value to the machine account for the car, then transactions(e.g., microtransactions) are automatically handled without futuresupervision from the manufacturer.

Although fuel refill credit is discussed here as an example, it isappreciated that the machine account stored in the world state for theblock objects (e.g., hardware appliances) can be configured for otherbaked-in machine account credits, including, for example: car insurancepre-paid for by the car's manufacturer (thereby alleviating dealer legalrequirements and burden), free ink for the life of an inkjet printer,free paid bridge tolls for the life of a vehicle, free downtown parkingwithin a preset geofenced area (e.g., within Downtown San Francisco) forthe life of the vehicle.

However, not all integrated deals need be baked in at the outset of thehardware appliances creation. For example, the machine account can berefill-able by different entities, such as a car's current owner. Forinstance, the coupe's owner can transmit 4,000 cryptocurrency tokens tothe machine account's public key (payment address), and the depositedtokens can be used to pay for various car interactions, such as payingincrementally for high-quality streaming radio, paying for tolls, payingmeters, where said services have integrated SDKs that submittransactions authenticated, validated, and revalidated as discussedabove. Further, as discussed, when and if the user sells the car, thetoken's deposited to the machine account's public key are transferredwith the car automatically. In this way, for example, a third owner of auser German coupe can deposit tokens to the public key address of thecar's machine account for known conditions (e.g., bad tires) so that thefourth user can simply buy the user German coupe and service the carusing the deposited tokens.

Continuing, at operation 1005, the block engine 610 identifies a vehiclemachine account. For example, the block engine 610 identifies anexisting machine account in the world state data or creates a newmachine account for the block object of the vehicle. At operation 1010,the block engine 610 receives a vehicle request. The request can includethe vehicle's unique identifier (e.g., unique identifier for the vehicleon machine entity platform 147, and/or a digital signature generated bythe vehicle using a private key integrated in the vehicle), fingerprintaccess data, and specification of one or more tasks requested (e.g.,fuel refill, insurance debit amount based on miles recently travelled),according to some example embodiments.

At operation 1015, the block engine 610 authenticates vehicle requestfor the vehicle. For example, at operation 1015 the block engine 610authenticates the vehicle based on vehicle's fingerprint access data(e.g., validating the vehicle's fingerprint data is valid per therequested transactions and per the logic of the pre-configured smartcontract). In some example embodiments, the block engine 610authenticates the vehicle based on the vehicle's fingerprint data andfurther based on the request including a valid digital signature fromthe vehicle (e.g., generated using the private key stored on the car,where the digital signatures can be validated using the correspondingpublic key).

At operation 1017, the block engine 610 approves the request. Forexample, a refueling request is preliminarily approved contingent uponon re-validation that fueling occurred.

At operation 1020, the block engine 610 revalidates the request byaccessing the fuel gauge sensor of the vehicle to confirm that the fueltank amount has increased by the correct amount of fuel (e.g., theamount specified in the request of operation 1010).

At operation 1025, the block engine 610 modifies the vehicle blockaccount based on the request and the vehicle fingerprint dataauthenticating the vehicle for the request level. For example, afterrevalidation, the vehicle's machine account is debited to reduce theamount in the machine account. Alternatively, at operation 1025 aninvoice for payment is generated for payment by another entity (e.g.,the car manufacturer, first entity 305 in FIG. 3).

FIG. 11 shows a flow diagram for example method 1100 for sequencingtraffic from blockchain entities to a surge guarded entity, according tosome example embodiments. As discussed above, one of the entities canmanage payments from requested services, such as fuel refills, bridgetoll, parking meters, or auto mechanic work. A network slowdown canoccur if the entity managing payments batches the payments and/or onlyperforms payment clearances at certain times. For example, if the thirdentity 315 is a bank, payment confirmation rates for the bank aredirectly related to the number of payments submitted to the bank, andthe speed at which payments can settle or clear. A bank using automatedclearing house (ACH) for payment settlements is limited as it batchestransactions into batches of approximately one-hundred, and there is acut-off time in the evening (e.g., 5 PM) after which point notransaction settlements can occur. Compounding the issue is the paymentsize. In particular, if the payment size is very small, as they are inmicrotransactions (e.g., 10 cents for a parking meter, or 70 cents for abridge toll in Florida, 10 cent charge for every mile driven in a smartcontract managed insurance policy), and the millions of vehicles aregenerating small transactions, then the payment processing entity canrapidly become overloaded, and hardware appliance micropayments arerendered impossible to implement in a network feasible manner. To thisend, the sequence engine 625 is configured to identify electronicrequests (e.g., micropayment invoices) transmitted to the paymentprocessing entity, and sequences the transmitted requests to the paymentprocessing entity to ensure requests can be completed in a streamingmanner that can be settled within minutes without harming or overloadingthe payment processing entity (e.g., the banking network). In the belowexample, a fuel refill service request for a vehicle with acorresponding block object is discussed as an example, however it isappreciated that the method 500 can be integrated into other block-basedtransaction sequencing approaches.

At operation 1105, the sequence engine 625 initiates streamingsettlements between entities of the block architecture (e.g., betweenentities 305, 310, 315). Configuration of streaming settlements caninvolve the banking entity (e.g., the third entity 315 in FIG. 3) beingconfigured to receive a payment request and approve it withoutsubmission to an ACH or payment network such as a card network (e.g.,Visa). The banking entity can safely perform streaming settlementswithout over extending themselves based on several features of thehardware authentication network architecture 150, including: the bankingentity's ability to ascertain and trust the requesting entity based onthe requesting entity having a high fingerprint access score, where thefingerprint access score is generated from a history of streaming sensordata and constantly regenerated, and further because the banking entitycan rapidly perform revalidation that the service requested has beenperformed. For instance, whereas conventionally the banking entitysubmits in batches of transactions to an ACH which can take days orweeks to clear, the banking entity in the method 1100 can receive atransaction request directly from the payor or merchant (e.g.,auto-mechanic) via the merchant nodes (e.g., peer nodes controlled bythe merchant within the peer node network 330) and no extra payment hopsneed occur between the peer nodes. The banking entity can then quicklysettle the payment via a trust level pre-configured for the vehicle'sfingerprint score (e.g., trust level can be set to 9/10, or a specifiedlevel), and further can perform revalidation that the service was indeedperformed by accessing the distribute ledger blockchain that records thesensor readings (e.g., a fuel gauge that has an increased fuel level dueto a refill). As an additional example, whereas a toll for 70 cents mayconventionally be prohibitively expensive for the banking entity tosettle due to the hops in the payment network (e.g., where each hopcorresponds to an entity, such as credit card company, that charges afee to route), here the banking entity can auto approve the 70 cent tollas the toll was directly received peer to peer with no free-incurringhops, and auto-approved based on the payment amount being small (e.g.,below a smart contract pre-set threshold) and further based on thevehicle's fingerprint permission values indicating trustworthiness forthat level of transaction. Upon completion, the banking entity canimmediately record payment settlement (e.g., operations 515B and 520E)for the small amount instead of batching. Further, in some exampleembodiments, the blockchain ledger is a permissioned private blockchain(e.g., Hyperledger Fabric) in which blocks can be generated for eachtransaction, small batches of transactions, or larger batches oftransactions without miner's fees to create said blocks, such that thepayments can be settled and recorded on the distributed ledger in astreaming manner (e.g., within minutes).

At 1110, the sequence engine 625 determines a throughput of data beingtransmitted to the banking entity. For example, with reference to FIG.3, the throughput 331 of data transmitted to the third entity 315, whichis a banking network, is determined to set a bandwidth limit for thethird entity. Further, according to some example embodiments, thethroughput limit is the rate at which transactions submitted to thethird entity 316 are settled and recorded on the blockchain. Forinstance, with reference to FIG. 5, the sequence engine 625 can identifythe throughput of the banking entity (e.g., payment processor entity515) recording to the blockchain at operation 520D or at operation 520E.This can indicate how quickly the banking entity can settle thestreaming transactions in secure way. That is, while the functionalityof settlement clearance may or may not be disclosed by the bankingentity (many banking entities may choose to keep their settlementmechanics secret), the rate of settlements (e.g., recordation's to ablock) is known as the settlements are recorded to a block and visibleto other entities within the private network (e.g., as in operation 520Efor the invoice generated at operation 510E). Thus, for example, thesequence engine 625 can determine a throughput limit as a bandwidth:data per time with padding (e.g., 1,000 transactions per minuteplus/minus 100 transactions) that the banking entity can settle usingthe streaming settlement of operation 1105.

At operation 1115, the sequence engine 625 identifies an amount ofnetwork traffic. For instance, at operation 1115 the sequence engine 625can identify that a multitude of vehicles in North America submitteddata approximately at the same time (e.g., at the start of the workday), and that a quantity of service requests are generated (e.g.,operation 510A), which take time to complete (e.g., operation 510C), andthus a large quantity of payment transactions are either currently beingsent to the banking entity or will soon be sent to the banking entity.

At operation 1120, the sequence engine 625 sequences the transactionrequests sent to the banking entity using the identified bandwidthlimit. For example, the sequence engine 625 can buffer or time delaytransactions, such that the requests transmitted to the banking entitystay within the bandwidth settlement limit of operation 1110.

In some example embodiments, the sequencing of transaction isimplemented for all nodes (e.g., peers) of the banking entity, while inother embodiments, the sequencing of transactions is implemented onlyfor a hot-spot of peers of the banking entity. For example, if thebanking entity has peers throughout North America, and a large quantityof vehicle transactions occur in Florida at the same time, the sequenceengine 625 can sequence or buffer only those transactions sent to nearbypeers of the banking entity (e.g., buffer only those in Florida).Additionally, the sequence engine 625 can reroute transactions to peernodes of the banking entity that are geographically outside the hot-spot(e.g., in another state). In this way, hardware appliance generatedrequests can be surge guarded from an entity to enable streamingon-chain settlements in near-real time.

FIGS. 12A-12K show example user interfaces for implementing hardwareappliance authentication, according to some example embodiments. FIGS.12A-12H are user interfaces displayed on a first user device (e.g.,logged-in browser session displayed on a laptop of a fleet owner thatmanages a fleet of vehicles), FIGS. 12I and 12J show user interfacesdisplayed on a second user device (e.g., a desktop computer of anauto-mechanic), followed by additional user interface displayed on thefirst user device in FIG. 12K.

In FIG. 12A, a fleet owner user interface 1200 displays a list ofvehicles 1202 managed by the user “Fleet Owner Floyd”. Each of thevehicles in the list of vehicles 1202 corresponds to a block objectmanaged by the architecture 150, comprising a unique identifier, amachine account, fingerprint access value generated from sensors (e.g.,fuel data) and stored in memory on the vehicle (e.g., VIN data). Toinitiate a request for a given vehicle from the list, the user canselect via selector icon 1204 on one or more of the vehicles to initiatea service request.

In FIG. 12B, in response to selecting the “Acme Sports SUV 2017” fromthe list of vehicles 1202, the vehicle's fingerprint data is regeneratedas shown in user interface 1206. For example, the vehicle has a wirelesscommunication module with an integrated SIM-card that enables thevehicle to upload telemetry data (e.g., location data), sensor data, logdata stored in memory of the car. Additionally, external data for thecar maintained by third party websites (e.g., vehicle records websites)can be retrieved for use in generating the fingerprint value.

Next, in FIG. 12C, a vehicle user interface 1208 is displayed with thelatest fingerprint data (e.g., a score of 91/100) and other data for thevehicle is displayed within with tabbed window 1212, which is showingtelemetry data from the vehicle that has been recorded to the blockobject of the vehicle. Further, a pop-up window 1210 indicates thelatest fingerprint data for the vehicle has been stored in theblockchain.

FIG. 12D shows the tabbed window 1212 displaying example sensor datafrom the vehicle that has been recorded to the block chain object forthe vehicle. FIG. 12E shows the tabbed window 1212 displaying examplelog data from the vehicle that has been recorded to the block chainobject for the vehicle. FIG. 12F shows the tabbed window 1212 displayingexample 3rd party data pulled from third-party websites via respectiveAPIs of the 3rd party websites, Edmunds data, and CarFax data.Additionally, vehicle specification data (e.g., engine type, dimensionaldata) is displayed in the tabbed window 1212 below the 3rd partyprovided data. FIG. 12G shows the tabbed window 1212 displaying examplehistory data that has been pulled from the blockchain data for thevehicle.

FIG. 12H shows the tabbed window 1212 displaying example error data fromthe vehicle for errors detected from the last data set provided by thevehicle. As illustrated, the vehicle has low tire pressure (as detectedby integrated tire pressor sensors) and further the vehicle is low infuel (as detected by the fuel tank sensor). The fleet owner user caninitiate a service request by selecting a request service button, suchas Request Air button 1214. In response to selection of the Request Airbutton, a request for the vehicle is generated and recorded on-chain asindicate by pop-up notification 1216. The request specifies a type oftask being requested, along with vehicle fingerprint data (e.g., 91/100)which can be used to auto-approve, auto-reject, manually approve therequest via the smart contract managed by peers of the peer network(e.g., network 330 in FIG. 3).

With reference to FIG. 12I, the request is transmitted to a clientapplication and displayed within user interface 1218, which is a loggedin web-session for the service provider “Mike the Mechanic”. Asillustrated, the “new order” for the Acme Sports SUV 2017 is displayedat the top of the list and the service provider can select the new ordervia selector icon 1221.

In response to selecting the new order, user interface 1222 is displayedon the client device of the service provider, as shown in FIG. 12J. Inthe example of FIG. 12J, a new window 1224 animates into view with a mapfor the service provider to view the vehicle's location (per the latestvehicle info provided during fingerprinting as shown in FIG. 12B), andinput fields for the service provider to enter estimated completion dateinformation, price information, and other data (e.g., notes, comments).Upon the service provider selecting the start repair button 1227, anotification 1226 indicates repair information has been recordedon-chain for the vehicle, including, for example, the repair start date,the input completion data, the price data, and/or any notes entered.

Returning to the fleet owner's device, in FIG. 12K the user interface1228 includes a first pop-up notification 1230 indicating that theservice has completed. Followed by animation of another pop-upnotification 1234 indicating that a payment request from the bankingentity (e.g., third entity 315) for the service request has beenrecorded to the blockchain. Upon the banking entity settling thepayment, notification 1232 is displayed to notify the fleet owner thatthe bank has quickly approved four transaction payments, including thepayment for the tire pressure service.

FIG. 13 is a block diagram 1300 illustrating an example softwarearchitecture 1306, which may be used in conjunction with varioushardware architectures herein described. FIG. 13 is a non-limitingexample of a software architecture, and it will be appreciated that manyother architectures may be implemented to facilitate the functionalitydescribed herein. The software architecture 1306 may execute on hardwaresuch as a machine 1400 of FIG. 14 that includes, among other things,processors, memory, and I/O components. A representative hardware layer1352 is illustrated and can represent, for example, the machine 1400 ofFIG. 14. The representative hardware layer 1352 includes a processingunit 1354 having associated executable instructions 1304. The executableinstructions 1304 represent the executable instructions of the softwarearchitecture 1306, including implementation of the methods, components,and so forth described herein. The hardware layer 1352 also includes amemory/storage 1356, which also has the executable instructions 1304.The hardware layer 1352 may also comprise other hardware 1358.

In the example architecture of FIG. 13, the software architecture 1306may be conceptualized as a stack of layers where each layer providesparticular functionality. For example, the software architecture 1306may include layers such as an operating system 1302, libraries 1320,frameworks/middleware 1318, applications 1416, and a presentation layer1314. Operationally, the applications 1416 and/or other componentswithin the layers may invoke API calls 1308 through the software stackand receive a response in the form of messages 1312. The layersillustrated are representative in nature and not all softwarearchitectures have all layers. For example, some mobile orspecial-purpose operating systems may not provide aframeworks/middleware 1318, while others may provide such a layer. Othersoftware architectures may include additional or different layers.

The operating system 1302 may manage hardware resources and providecommon services. The operating system 1302 may include, for example, akernel 1322, services 1324, and drivers 1326. The kernel 1322 may act asan abstraction layer between the hardware and the other software layers.For example, the kernel 1322 may be responsible for memory management,processor management (e.g., scheduling), component management,networking, security settings, and so on. The services 1324 may provideother common services for the other software layers. The drivers 1326are responsible for controlling or interfacing with the underlyinghardware. For instance, the drivers 1326 include display drivers, cameradrivers, Bluetooth® drivers, flash memory drivers, serial communicationdrivers (e.g., Universal Serial Bus (USB) drivers), Wi-Fi® drivers,audio drivers, power management drivers, and so forth depending on thehardware configuration.

The libraries 1320 provide a common infrastructure that is used by theapplications 1316 and/or other components and/or layers. The libraries1320 provide functionality that allows other software components toperform tasks in an easier fashion than by interfacing directly with theunderlying operating system 1302 functionality (e.g., kernel 1322,services 1324, and/or drivers 1326). The libraries 1320 may includesystem libraries 1344 (e.g., C standard library) that may providefunctions such as memory allocation functions, string manipulationfunctions, mathematical functions, and the like. In addition, thelibraries 1320 may include API libraries 1346 such as media libraries(e.g., libraries to support presentation and manipulation of variousmedia formats such as MPEG4, H.264, MP3, AAC, AMR, JPG, or PNG),graphics libraries (e.g., an OpenGL framework that may be used to render2D and 3D graphic content on a display), database libraries (e.g.,SQLite that may provide various relational database functions), weblibraries (e.g., WebKit that may provide web browsing functionality),and the like. The libraries 1320 may also include a wide variety ofother libraries 1348 to provide many other APIs to the applications 1416and other software components/modules.

The frameworks/middleware 1318 provide a higher-level commoninfrastructure that may be used by the applications and/or othersoftware components/modules. For example, the frameworks/middleware 1318may provide various graphic user interface (GUI) functions, high-levelresource management, high-level location services, and so forth. Theframeworks/middleware 1318 may provide a broad spectrum of other APIsthat may be utilized by the applications and/or other softwarecomponents/modules, some of which may be specific to a particularoperating system 1302 or platform.

The applications 1316 include built-in applications 1338 and/orthird-party applications 1340. Examples of representative built-inapplications 1338 may include, but are not limited to, a contactsapplication, a browser application, a book reader application, alocation application, a media application, a messaging application,and/or a game application. The third-party applications 1340 may includean application developed using the ANDROID™ or IOS™ software developmentkit (SDK) by an entity other than the vendor of the particular platform,and may be mobile software running on a mobile operating system such asIOS™, ANDROID™, WINDOWS® Phone, or other mobile operating systems. Thethird-party applications 1340 may invoke the API calls 1308 provided bythe mobile operating system (such as the operating system 1302) tofacilitate functionality described herein.

The applications 1416 may use built-in operating system functions (e.g.,kernel 1322, services 1324, and/or drivers 1326), libraries 1320, andframeworks/middleware 1318 to create user interfaces to interact withusers of the system. Alternatively, or additionally, in some systems,interactions with a user may occur through a presentation layer, such asthe presentation layer 1314. In these systems, the application/component“logic” can be separated from the aspects of the application/componentthat interact with a user.

FIG. 14 is a block diagram illustrating components of a machine 1400,according to some example embodiments, able to read instructions from amachine-readable medium (e.g., a machine-readable storage medium) andperform any one or more of the methodologies discussed herein.Specifically, FIG. 14 shows a diagrammatic representation of the machine1400 in the example form of a computer system, within which instructions1416 (e.g., software, a program, an application, an applet, an app, orother executable code) for causing the machine 1400 to perform any oneor more of the methodologies discussed herein may be executed. As such,the instructions 1456 may be used to implement modules or componentsdescribed herein. The instructions 1416 transform the general,non-programmed machine 1400 into a particular machine 1400 programmed tocarry out the described and illustrated functions in the mannerdescribed. In alternative embodiments, the machine 1400 operates as astandalone device or may be coupled (e.g., networked) to other machines.In a networked deployment, the machine 1400 may operate in the capacityof a server machine or a client machine in a server-client networkenvironment, or as a peer machine in a peer-to-peer (or distributed)network environment. The machine 1400 may comprise, but not be limitedto, a server computer, a client computer, a personal computer (PC), atablet computer, a laptop computer, a netbook, a set-top box (STB), apersonal digital assistant (PDA), an entertainment media system, acellular telephone, a smartphone, a mobile device, a wearable device(e.g., a smart watch), a smart home device (e.g., a smart appliance),other smart devices, a web appliance, a network router, a networkswitch, a network bridge, or any machine capable of executing theinstructions 1416, sequentially or otherwise, that specify actions to betaken by the machine 1400. Further, while only a single machine 1400 isillustrated, the term “machine” shall also be taken to include acollection of machines that individually or jointly execute theinstructions 1416 to perform any one or more of the methodologiesdiscussed herein.

The machine 1400 may include processors 1410, memory/storage 1430, andI/O components 1450, which may be configured to communicate with eachother such as via a bus 1402. The memory/storage 1430 may include a mainmemory 1432, static memory 1434, and a storage unit 1436, bothaccessible to the processors 1410 such as via the bus 1402. The storageunit 1436 and memory 1432 store the instructions 1416 embodying any oneor more of the methodologies or functions described herein. Theinstructions 1416 may also reside, completely or partially, within thememory 1432, within the storage unit 1436 (e.g., on machinereadable-medium 1438), within at least one of the processors 1410 (e.g.,within the processor cache memory accessible to processors 1414 or1414), or any suitable combination thereof, during execution thereof bythe machine 1400. Accordingly, the memory 1432, the storage unit 1436,and the memory of the processors 1410 are examples of machine-readablemedia.

The I/O components 1450 may include a wide variety of components toreceive input, provide output, produce output, transmit information,exchange information, capture measurements, and so on. The specific I/Ocomponents 1450 that are included in a particular machine 1400 willdepend on the type of machine. For example, portable machines such asmobile phones will likely include a touch input device or other suchinput mechanisms, while a headless server machine will likely notinclude such a touch input device. It will be appreciated that the I/Ocomponents 1450 may include many other components that are not shown inFIG. 14. The I/O components 1450 are grouped according to functionalitymerely for simplifying the following discussion and the grouping is inno way limiting. In various example embodiments, the I/O components 1450may include output components 1452 and input components 1454. The outputcomponents 1452 may include visual components (e.g., a display such as aplasma display panel (PDP), a light-emitting diode (LED) display, aliquid-crystal display (LCD), a projector, or a cathode ray tube (CRT)),acoustic components (e.g., speakers), haptic components (e.g., avibratory motor, resistance mechanisms), other signal generators, and soforth. The input components 1454 may include alphanumeric inputcomponents (e.g., a keyboard, a touch screen configured to receivealphanumeric input, a photo-optical keyboard, or other alphanumericinput components), point-based input components (e.g., a mouse, atouchpad, a trackball, a joystick, a motion sensor, or other pointinginstruments), tactile input components (e.g., a physical button, a touchscreen that provides location and/or force of touches or touch gestures,or other tactile input components), audio input components (e.g., amicrophone), and the like.

In further example embodiments, the I/O components 1450 may includebiometric components 1456, motion components 1458, environmentcomponents 1460, or position components 1462 among a wide array of othercomponents. For example, the biometric components 1456 may includecomponents to detect expressions (e.g., hand expressions, facialexpressions, vocal expressions, body gestures, or eye tracking), measurebiosignals (e.g., blood pressure, heart rate, body temperature,perspiration, or brain waves), identify a person (e.g., voiceidentification, retinal identification, facial identification,fingerprint identification, or electroencephalogram-basedidentification), and the like. The motion components 1458 may includeacceleration sensor components (e.g., accelerometer), gravitation sensorcomponents, rotation sensor components (e.g., gyroscope), and so forth.The environment components 1460 may include, for example, illuminationsensor components (e.g., photometer), temperature sensor components(e.g., one or more thermometers that detect ambient temperature),humidity sensor components, pressure sensor components (e.g.,barometer), acoustic sensor components (e.g., one or more microphonesthat detect background noise), proximity sensor components (e.g.,infrared sensors that detect nearby objects), gas sensors (e.g., gassensors to detect concentrations of hazardous gases for safety or tomeasure pollutants in the atmosphere), or other components that mayprovide indications, measurements, or signals corresponding to asurrounding physical environment. The position components 1462 mayinclude location sensor components (e.g., a GPS receiver component),altitude sensor components (e.g., altimeters or barometers that detectair pressure from which altitude may be derived), orientation sensorcomponents (e.g., magnetometers), and the like.

Communication may be implemented using a wide variety of technologies.The I/O components 1450 may include communication components 1464operable to couple the machine 1400 to a network 1480 or devices 1470via a coupling 1482 and a coupling 1472, respectively. For example, thecommunication components 1464 may include a network interface componentor other suitable device to interface with the network 1480. In furtherexamples, the communication components 1464 may include wiredcommunication components, wireless communication components, cellularcommunication components, near field communication (NFC) components,Bluetooth® components (e.g., Bluetooth® Low Energy), Wi-Fi® components,and other communication components to provide communication via othermodalities. The devices 1470 may be another machine or any of a widevariety of peripheral devices (e.g., a peripheral device coupled via aUSB).

Moreover, the communication components 1464 may detect identifiers orinclude components operable to detect identifiers. For example, thecommunication components 1464 may include radio frequency identification(RFID) tag reader components, NFC smart tag detection components,optical reader components (e.g., an optical sensor to detectone-dimensional barcodes such as Universal Product Code (UPC) barcode,multi-dimensional barcodes such as Quick Response (QR) code, Aztec code,Data Matrix, Dataglyph, MaxiCode, PDF418, Ultra Code, UCC RSS-2Dbarcode, and other optical codes), or acoustic detection components(e.g., microphones to identify tagged audio signals). In addition, avariety of information may be derived via the communication components1464, such as location via Internet Protocol (IP) geolocation, locationvia Wi-Fi® signal triangulation, location via detecting an NFC beaconsignal that may indicate a particular location, and so forth.

“CARRIER SIGNAL” in this context refers to any intangible medium that iscapable of storing, encoding, or carrying instructions 1416 forexecution by the machine 1400, and includes digital or analogcommunications signals or other intangible media to facilitatecommunication of such instructions 1416. Instructions 1416 may betransmitted or received over the network 1480 using a transmissionmedium via a network interface device and using any one of a number ofwell-known transfer protocols.

“CLIENT DEVICE” in this context refers to any machine 1400 thatinterfaces to a network 1480 to obtain resources from one or more serversystems or other client devices 110. A client device 110 may be, but isnot limited to, a mobile phone, desktop computer, laptop, PDA,smartphone, tablet, ultrabook, netbook, multi-processor system,microprocessor-based or programmable consumer electronics system, gameconsole, set-top box, or any other communication device that a user mayuse to access a network 1480.

“COMMUNICATIONS NETWORK” in this context refers to one or more portionsof a network 1480 that may be an ad hoc network, an intranet, anextranet, a virtual private network (VPN), a local area network (LAN), awireless LAN (WLAN), a wide area network (WAN), a wireless WAN (WWAN), ametropolitan area network (MAN), the Internet, a portion of theInternet, a portion of the Public Switched Telephone Network (PSTN), aplain old telephone service (POTS) network, a cellular telephonenetwork, a wireless network, a Wi-Fi® network, another type of network,or a combination of two or more such networks. For example, a network ora portion of a network 1480 may include a wireless or cellular networkand the coupling 1482 may be a Code Division Multiple Access (CDMA)connection, a Global System for Mobile communications (GSM) connection,or another type of cellular or wireless coupling. In this example, thecoupling may implement any of a variety of types of data transfertechnology, such as Single Carrier Radio Transmission Technology(1×RTT), Evolution-Data Optimized (EVDO) technology, General PacketRadio Service (GPRS) technology, Enhanced Data rates for GSM Evolution(EDGE) technology, third Generation Partnership Project (3GPP) including3G, fourth generation wireless (4G) networks, Universal MobileTelecommunications System (UMTS), High-Speed Packet Access (HSPA),Worldwide Interoperability for Microwave Access (WiMAX), Long-TermEvolution (LTE) standard, others defined by various standard-settingorganizations, other long-range protocols, or other data transfertechnology.

“MACHINE-READABLE MEDIUM” in this context refers to a component, adevice, or other tangible media able to store instructions 1416 and datatemporarily or permanently and may include, but is not limited to,random-access memory (RAM), read-only memory (ROM), buffer memory, flashmemory, optical media, magnetic media, cache memory, other types ofstorage (e.g., erasable programmable read-only memory (EPROM)), and/orany suitable combination thereof. The term “machine-readable medium”should be taken to include a single medium or multiple media (e.g., acentralized or distributed database, or associated caches and servers)able to store instructions 1416. The term “machine-readable medium”shall also be taken to include any medium, or combination of multiplemedia, that is capable of storing instructions 1416 (e.g., code) forexecution by a machine 1400, such that the instructions 1416, whenexecuted by one or more processors 1410 of the machine 1400, cause themachine 1400 to perform any one or more of the methodologies describedherein. Accordingly, a “machine-readable medium” refers to a singlestorage apparatus or device, as well as “cloud-based” storage systems orstorage networks that include multiple storage apparatus or devices. Theterm “machine-readable medium” excludes signals per se.

“COMPONENT” in this context refers to a device, a physical entity, orlogic having boundaries defined by function or subroutine calls, branchpoints, APIs, or other technologies that provide for the partitioning ormodularization of particular processing or control functions. Componentsmay be combined via their interfaces with other components to carry outa machine process. A component may be a packaged functional hardwareunit designed for use with other components and a part of a program thatusually performs a particular function of related functions. Componentsmay constitute either software components (e.g., code embodied on amachine-readable medium) or hardware components.

A “hardware component” is a tangible unit capable of performing certainoperations and may be configured or arranged in a certain physicalmanner. In various example embodiments, one or more computer systems(e.g., a standalone computer system, a client computer system, or aserver computer system) or one or more hardware components of a computersystem (e.g., a processor 1414 or a group of processors 1410) may beconfigured by software (e.g., an application or application portion) asa hardware component that operates to perform certain operations asdescribed herein. A hardware component may also be implementedmechanically, electronically, or any suitable combination thereof. Forexample, a hardware component may include dedicated circuitry or logicthat is permanently configured to perform certain operations. A hardwarecomponent may be a special-purpose processor, such as afield-programmable gate array (FPGA) or an application-specificintegrated circuit (ASIC). A hardware component may also includeprogrammable logic or circuitry that is temporarily configured bysoftware to perform certain operations. For example, a hardwarecomponent may include software executed by a general-purpose processoror other programmable processor. Once configured by such software,hardware components become specific machines (or specific components ofa machine 1400) uniquely tailored to perform the configured functionsand are no longer general-purpose processors 1410.

It will be appreciated that the decision to implement a hardwarecomponent mechanically, in dedicated and permanently configuredcircuitry, or in temporarily configured circuitry (e.g., configured bysoftware) may be driven by cost and time considerations. Accordingly,the phrase “hardware component” (or “hardware-implemented component”)should be understood to encompass a tangible entity, be that an entitythat is physically constructed, permanently configured (e.g.,hardwired), or temporarily configured (e.g., programmed) to operate in acertain manner or to perform certain operations described herein.

Considering embodiments in which hardware components are temporarilyconfigured (e.g., programmed), each of the hardware components need notbe configured or instantiated at any one instance in time. For example,where a hardware component comprises a general-purpose processor 1414configured by software to become a special-purpose processor, thegeneral-purpose processor 1414 may be configured as respectivelydifferent special-purpose processors (e.g., comprising differenthardware components) at different times. Software accordingly configuresa particular processor 1414 or processors 1410, for example, toconstitute a particular hardware component at one instance of time andto constitute a different hardware component at a different instance oftime.

Hardware components can provide information to, and receive informationfrom, other hardware components. Accordingly, the described hardwarecomponents may be regarded as being communicatively coupled. Wheremultiple hardware components exist contemporaneously, communications maybe achieved through signal transmission (e.g., over appropriate circuitsand buses) between or among two or more of the hardware components. Inembodiments in which multiple hardware components are configured orinstantiated at different times, communications between or among suchhardware components may be achieved, for example, through the storageand retrieval of information in memory structures to which the multiplehardware components have access. For example, one hardware component mayperform an operation and store the output of that operation in a memorydevice to which it is communicatively coupled. A further hardwarecomponent may then, at a later time, access the memory device toretrieve and process the stored output. Hardware components may alsoinitiate communications with input or output devices, and can operate ona resource (e.g., a collection of information).

The various operations of example methods described herein may beperformed, at least partially, by one or more processors 1410 that aretemporarily configured (e.g., by software) or permanently configured toperform the relevant operations. Whether temporarily or permanentlyconfigured, such processors 1410 may constitute processor-implementedcomponents that operate to perform one or more operations or functionsdescribed herein. As used herein, “processor-implemented component”refers to a hardware component implemented using one or more processors1410. Similarly, the methods described herein may be at least partiallyprocessor-implemented, with a particular processor 1414 or processors1410 being an example of hardware. For example, at least some of theoperations of a method may be performed by one or more processors 1410or processor-implemented components. Moreover, the one or moreprocessors 1410 may also operate to support performance of the relevantoperations in a “cloud computing” environment or as a “software as aservice” (SaaS). For example, at least some of the operations may beperformed by a group of computers (as examples of machines 1400including processors 1410), with these operations being accessible via anetwork 1480 (e.g., the Internet) and via one or more appropriateinterfaces (e.g., an API). The performance of certain of the operationsmay be distributed among the processors 1410, not only residing within asingle machine 1400, but deployed across a number of machines 1400. Insome example embodiments, the processors 1410 or processor-implementedcomponents may be located in a single geographic location (e.g., withina home environment, an office environment, or a server farm). In otherexample embodiments, the processors 1410 or processor-implementedcomponents may be distributed across a number of geographic locations.

“PROCESSOR” in this context refers to any circuit or virtual circuit (aphysical circuit emulated by logic executing on an actual processor1414) that manipulates data values according to control signals (e.g.,“commands,” “op codes,” “machine code,” etc.) and which producescorresponding output signals that are applied to operate a machine 1400.A processor may, for example, be a central processing unit (CPU), areduced instruction set computing (RISC) processor, a complexinstruction set computing (CISC) processor, a graphics processing unit(GPU), a digital signal processor (DSP), an ASIC, a radio-frequencyintegrated circuit (RFIC), or any combination thereof. A processor 1410may further be a multi-core processor 1410 having two or moreindependent processors 1414, 1414 (sometimes referred to as “cores”)that may execute instructions 1416 contemporaneously.

What is claimed is:
 1. A method comprising: receiving, from a vehiclenetwork interface of a vehicle, sensor data generated by a plurality ofsensors of the vehicle; generating, from the sensor data, a vehiclepermission value indicating a level of access to blockchain tasksmanaged by a blockchain network; identifying a blockchain task requestfor the vehicle; validating the vehicle for the blockchain task requestbased on the vehicle permission value generated from the sensor data ofthe vehicle satisfying a pre-configured blockchain threshold that ispre-configured for the blockchain task request; and storing a validationrecord indicating the vehicle is validated for the blockchain taskrequest based on the vehicle permission value.
 2. The method of claim 1,wherein the blockchain task request is generated based on a sensor valuefrom one or more of the sensors of the vehicle not satisfying a sensorthreshold.
 3. The method of claim 2, further comprising: receiving acompletion notification indicating the blockchain task request for thevehicle is complete; and revalidating the vehicle for the blockchaintask request based on an updated sensor value from the one or moresensors satisfying the sensor threshold.
 4. The method of claim 3,further comprising: storing a revalidation record on the blockchainindicating the blockchain task request is revalidated based on theupdated sensor value.
 5. The method of claim 4, further wherein thesensor is a fuel sensor of the vehicle.
 6. The method of claim 1,wherein the plurality of sensors of the vehicle comprises a first sensorand a second sensor, and the sensor data comprises a first sensorreadings set generated by the first sensor and a second sensor readingsset generated by the second sensor.
 7. The method of claim 6, furtherwherein generating the vehicle permission value comprises: identifying afirst sensor numerical score preconfigured for the first sensor;modifying the first sensor numerical score based on individual values ofthe first sensor readings set; identifying a second sensor numericalscore preconfigured for the second sensor; modifying the second sensornumerical score based on individual values of the second sensor readingsset; and generating the vehicle permission value by combining themodified first sensor numerical score and the modified second sensornumerical score.
 8. The method of claim of claim 6, further wherein thefirst sensor is a fuel gauge and the first sensor readings are fuelgauge readings, wherein the second sensor is an odometer and the secondsensor readings are odometer readings, and wherein generating thevehicle permission value comprises: determining that an increase in theodometer readings is offset by a decrease in fuel gauge readings.
 9. Asystem comprising: one or more processors of a machine; and anon-transitory memory for storing instructions that, when executed bythe one or more processors, cause the machine to perform operationscomprising: receiving, from a vehicle network interface of a vehicle,sensor data generated by a plurality of sensors of the vehicle;generating, from the sensor data, a vehicle permission value indicatinga level of access to blockchain tasks managed by a blockchain network;identifying a blockchain task request for the vehicle; validating thevehicle for the blockchain task request based on the vehicle permissionvalue generated from the sensor data of the vehicle satisfying apre-configured blockchain threshold that is pre-configured for theblockchain task request; and storing a validation record indicating thevehicle is validated for the blockchain task request based on thevehicle permission value.
 10. The system of claim 9, wherein theblockchain task request is generated based on a sensor value from one ormore of the sensors of the vehicle not satisfying a sensor threshold.11. The system of claim 10, the operations further comprising: receivinga completion notification indicating the blockchain task request for thevehicle is complete; revalidating the vehicle for the blockchain taskrequest based on an updated sensor value from the one or more sensorssatisfying the sensor threshold.
 12. The system of claim 11, theoperations further comprising: storing a revalidation record on theblockchain indicating the blockchain task request is revalidated basedon the updated sensor value.
 13. The system of claim 12, further whereinthe sensor is a fuel sensor of the vehicle.
 14. The system of claim 9,wherein the plurality of sensors of the vehicle comprises a first sensorand a second sensor, and the sensor data comprises a first sensorreadings set generated by the first sensor and a second sensor readingsset generated by the second sensor.
 15. The system of claim 14, furtherwherein generating the vehicle permission value comprises: identifying afirst sensor numerical score preconfigured for the first sensor;modifying the first sensor numerical score based on individual values ofthe first sensor readings set; identifying a second sensor numericalscore preconfigured for the second sensor; modifying the second sensornumerical score based on individual values of the second sensor readingsset; and generating the vehicle permission value by combining themodified first sensor numerical score and the modified second sensornumerical score.
 16. The system of claim of claim 14, further whereinthe first sensor is a fuel gauge and the first sensor readings are fuelgauge readings, wherein the second sensor is an odometer and the secondsensor readings are odometer readings, and wherein generating thevehicle permission value comprises: determining that an increase in theodometer readings is offset by a decrease in fuel gauge readings.
 17. Anon-transitory machine-readable storage device embodying instructionsthat, when executed by a machine, cause the machine to performoperations comprising: receiving, from a vehicle network interface of avehicle, sensor data generated by a plurality of sensors of the vehicle;generating, from the sensor data, a vehicle permission value indicatinga level of access to blockchain tasks managed by a blockchain network;identifying a blockchain task request for the vehicle; validating thevehicle for the blockchain task request based on the vehicle permissionvalue generated from the sensor data of the vehicle satisfying apre-configured blockchain threshold that is pre-configured for theblockchain task request; and storing a validation record indicating thevehicle is validated for the blockchain task request based on thevehicle permission value.
 18. The machine-readable storage device ofclaim 17, wherein the blockchain task request is generated based on asensor value from one or more of the sensors of the vehicle notsatisfying a sensor threshold.
 19. The machine-readable storage deviceof claim 18, the operations further comprising: receiving a completionnotification indicating the blockchain task request for the vehicle iscomplete; revalidating the vehicle for the blockchain task request basedon an updated sensor value from the one or more sensors satisfying thesensor threshold.
 20. The machine-readable storage device of claim 19,the operations further comprising: storing a revalidation record on theblockchain indicating the blockchain task request is revalidated basedon the updated sensor value.